I have a bash script that will help us bind our Macs to AD. In the script there is a field to enter the username and password. I’m OK with putting the username in but not the password, and was thinking about using a password hash file, but I don’t know how I would actually call it, etc., from the script.
I would then create a pkg (containing the ad bind.sh and password_hash files) and reference this in a catalog file.
Thanks in advance.
I know the createUser.pkg file here on afp548 has a password hash function but I’m not sure how that is called.
Other alternatives could be to have a bind only user so that even if it is compromised, the permissions are such that an attacker couldn’t really do anything.
Couple that with deleting the script after it runs by making the last line srm "$0". This will cause the script to be, in essence, self-destructing.
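A sketch of the bind-only account plus self-deleting script suggested above, added here as an example and not taken from any poster's script. It assumes the bind is done with dsconfigad and that the pkg installs the password in a separate root-only file; the file path, domain and account name are placeholders.

```shell
#!/bin/bash
# Added example: bind with a low-privilege account whose password is read
# from a root-only file shipped in the pkg, then remove both files.
# Assumed values (not from the thread):
CRED_FILE="${CRED_FILE:-/private/tmp/adbind/bind_secret}"  # hypothetical path
DOMAIN="${DOMAIN:-example.corp}"                           # placeholder domain
BIND_USER="${BIND_USER:-svc-macbind}"                      # hypothetical bind-only account

# Succeeds only for a regular file (not a symlink) that is owned by the
# invoking user (root during a pkg install) with no group/other permissions.
cred_file_is_private() {
    local f="$1"
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    case "$(ls -ld "$f")" in
        -???------*) return 0 ;;   # e.g. -rw-------
        *)           return 1 ;;
    esac
}

# Print the first line of the credential file, refusing loosely protected files.
read_bind_password() {
    local pw=""
    cred_file_is_private "$1" || { echo "refusing $1: must be a private regular file" >&2; return 1; }
    IFS= read -r pw < "$1" || [ -n "$pw" ] || return 1
    printf '%s' "$pw"
}

# Remove the secret and this script; use srm as in the thread when it is
# installed, otherwise plain rm.
cleanup() {
    if command -v srm >/dev/null 2>&1; then
        srm -f "$CRED_FILE" "$0"
    else
        rm -f "$CRED_FILE" "$0"
    fi
}

# Only bind when asked to, so the functions above can be sourced and tested.
if [ "${1:-}" = "--bind" ]; then
    trap cleanup EXIT              # runs whether the bind succeeds or fails
    pw="$(read_bind_password "$CRED_FILE")" || exit 1
    # The password is visible in the process list while dsconfigad runs,
    # one more reason to use an account that can only join computers.
    dsconfigad -add "$DOMAIN" -username "$BIND_USER" -password "$pw" -force
    rc=$?
    unset pw
    exit "$rc"
fi
```

The file holds the bind account's actual password, since a hash cannot be passed to dsconfigad, so limiting what that account can do matters more than how the file is stored.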